"Personal Information of Nearly Two Million Texans Exposed"

The personal information of nearly two million Texans was exposed for almost three years due to a programming issue at the Texas Department of Insurance (TDI).  The department revealed that details of 1.8 million workers who have filed compensation claims were publicly available online from March 2019 to January 2022.  The information publicly available included Social Security numbers, addresses, dates of birth, phone numbers, and information about workers’ injuries.  In a public notice on March 24, TDI said it first became aware of a security issue with a TDI web application that manages workers’ compensation information on January 4, 2022.  This issue enabled members of the public to access a protected part of the online application.  In an updated press release published on Tuesday, May 17, TDI said the investigation did not find any evidence workers’ personal information had been misused.  Neil Jones, director of cybersecurity evangelism at Egnyte, stated that although there’s no current evidence that the breached information has been used maliciously, it is not uncommon for attackers to wait for just the right time to post their breached data to the Dark Web.

Infosecurity reports: "Personal Information of Nearly Two Million Texans Exposed"